Essential Cloud Computing Characteristics
Cloud computing, as described by the NIST publication 800-145, is an innovative computing paradigm that delivers computer resources, services, and applications via the internet on demand. It enables users to remotely access, store, and administer data and applications without having to invest in or maintain physical infrastructure or hardware.
As per the NIST publication 800-145, the cloud computing model can be further defined by having five fundamental characteristics, three service models, and four deployment methods:
- The five essential characteristics of cloud computing are as follows:
- On-demand self-service: Cloud services can be deployed and maintained by the user without the service provider’s participation
- Extensive network access: Cloud services are accessible over the internet, making them accessible from several devices and places
- Resource pooling: Cloud providers share resources such as storage, computation, memory, and bandwidth to serve several consumers simultaneously
- Rapid elasticity: Cloud resources can be readily scaled up or down to meet variable demands, allowing peak loads to be accommodated without compromising performance
- Measured service: Cloud consumption is monitored, controlled, and reported so that users only pay for the resources they consume
- The three service models are as follows:
- SaaS: The SaaS approach provides internet-based applications that are ready for use. Consumers need not concern themselves with infrastructure, software upgrades, or maintenance.
- Platform as a service: Platform as a Service (PaaS) provides an environment to create, deploy, and maintain applications. Users can concentrate on application development without thinking about the underlying infrastructure.
- Infrastructure as a service: Infrastructure as a Service (IaaS) offers virtualized computing resources, including Virtual Machines (VMs), storage, and networking. The user controls their infrastructure, while the Cloud Service Provider (CSP) oversees the physical hardware.
- The four deployment models are as follows:
- Private cloud: The cloud infrastructure is devoted to a single enterprise, providing more security and data privacy controls
- Community cloud: This deployment approach supports several enterprises that have common concerns, such as security needs or regulatory compliance
- Public cloud: The cloud infrastructure is owned and managed by a service provider, who sells services to the general public or a major industrial group
- Hybrid cloud: This model combines two or more of the preceding deployment methods, enabling enterprises to make use of the benefits of each while keeping separate environments
Note
You can find more resources about cloud computing and its characteristics here: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-145.pdf.
As a cloud security expert, it is crucial that you understand these definitions and components in order to create, implement, and maintain security solutions that safeguard sensitive data and guarantee compliance with industry requirements. Cloud security comprises a vast array of techniques and technologies, including identity and access management, encryption, intrusion detection, and secure data transfer that protect cloud-based resources and services. By understanding the specific characteristics of cloud computing, security professionals can better minimize possible risks and vulnerabilities in an environment that is rapidly evolving.
In this section, you learned about the essential cloud computing characteristics. The next section will focus on cloud stakeholders.
